The Web    Google
9/24: JPGDownloader Creates Images

9/24: JPGDownloader Creates Images
September 24, 2004

JPGDownloader is a program that allows to create images in JPG format that exploit the vulnerability described in the Microsoft bulletin MS04-028, Buffer Overrun in JPEG processing.

If this specially crafted JPG image is opened using a vulnerable application, the vulnerability allows to download a file from the Internet and run it on the affected computer. The downloaded file will usually have a malicious nature: viruses, worms, Trojans, spyware, adware, etc.

It is very recommendable to visit Microsoft's official web site and check whether any application vulnerable to Buffer Overrun in JPEG processing is installed on your computer, and if so, apply the corresponding security patch.

Technical details are at Panda Software page.

  • 6/7: Spybot-BZ Copies Itself to Folder
  • 9/20: Mydoom-Y Worm Connects To URL
  • House to Create Homeland Security Oversight Committee
  • 8/6: Lovgate-F a Mass-Mailing Worm
  • 6/4: Agobot.300544 a Memory Resident
  • Spyware Sneaking into the Enterprise
  • A Password Policy Primer
  • Searching for Wi-Fi Security Solutions
  • 5/2: Oscarbot Virus Spreads a Hyperlink
  • Time to Remind Users of Security Responsibilities
  • 11/1: Bagle-BE Worm Opens TCP Port
  • Cheap Security Camera